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DETAILED ACTION 

1. Claims 1-20 have been examined. 

Claim Rejections - 35 USC §103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

3. Claims 1, 2, 4-6, 8-10, 14, 16, and 17 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Davis U.S. Pat. No. 6064739 (hereinafter Davis) in view of Grecsek U.S. Pat. 
No. 6088801 (hereinafter Grecsek). 

4. As per claim 1 , Davis discloses a method for protecting electronic content from 
unauthorized use, the method including: receiving a request to access a piece of electronic 
content and encapsulates encrypted digital data from the time it is received until it is provided to 
a display device to prevent software probing (Davis: column 1 lines 14-21 and column 1 lines 50 
- column 2 line 29). Davis does not explicitly disclose identifying one or more software modules 
responsible for processing the piece of electronic content; evaluating one or more predefined 
characteristics of the one or more software modules; denying the request to access the piece of 
electronic content if the one or more predefined characteristics fail to satisfy a set of predefined 
criteria. However, Grecsek discloses evaluate the risks of executing software processes based on 
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capability-based policy to prevent unauthorized invocation s of services located on the user's 
computer in order to protect data from unauthorized use (Grecsek: column 1 line 19 - column 2 
line 47 and column 3 lines 17-51). Therefore, it would have been obvious to one having ordinary 
skill in the art at the time of applicant's invention to combine the teachings of Grecsek within the 
system of Davis because it increases data protection by making sure the data is not being used by 
unauthorized software hidden in the computer system. 

5. As per claim 2, Davis as modified discloses a method as in claim 1 . Davis as modified 
further disclose the method including: using the predefined criteria to evaluate a predefined 
policy, and basing a decision to deny the request on the outcome of this evaluation (Grecsek: 
column 3 lines 35-63 and column 4 lines 21-36). 

6. As per claim 4, Davis discloses a system for protecting electronic content by preventing 
software probing and monitoring software and hardware devices from unauthorized access 
(Davis: column 1 lines 14-21 and column 1 lines 50 - column 2 line 29 and column 7 lines 6-28). 
David does not explicitly disclose the system comprising: means for applying a cryptographic 
fingerprint to the electronic content; means for evaluating one or more predefined characteristics 
of the drivers responsible for handling the electronic content; means for denying effective access 
to the electronic content based on an output of said means for evaluating one or more predefined 
characteristics of the drivers responsible for handling the electronic content; means for 
generating an identifier associated with the electronic content; means for monitoring a predefined 
system interface for data containing the identifier; means for preventing effective access to data 
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containing the identifier via the predefined system interface. However, Grecsek discloses a 
system for protecting data from unauthorized access by evaluating the risks of executing 
software processes based on capability-based policy to prevent unauthorized invocation s of 
services located on the user's computer in order to protect data from unauthorized use (Grecsek: 
column 1 line 19 - column 2 line 47 and column 3 lines 17-51). Therefore, it would have been 
obvious to one having ordinary skill in the art at the time of applicant's invention to combine the 
teachings of Grecsek within the system of Davis because it increases data protection by making 
sure the data is not being used by unauthorized software hidden in the computer system. 

7. As per claim 5, Davis discloses a method for protecting electronic content from 
unauthorized use, the method including: (a) receiving a request to access a piece of electronic 
content (Davis: column 2 lines 58 - column 3 line 6) and protect it from unauthorized access by 
other software/hardware probing (Davis: column 1 lines 14-21 and column 1 lines 50 - column 2 
line 29 and column 7 lines 6-28). Davis does not explicitly disclose (b) generating a first 
identifier associated with the electronic content; (c) monitoring at least one system interface, the 
monitoring including: (1) receiving a piece of electronic data; (2) generating a second identifier 
associated with the piece of electronic data; (3) comparing the second identifier with the first 
identifier; (4) taking a predefined defensive action if the second identifier is related to the first 
identifier in a predefined manner. However, Grecsek discloses a method for protecting data from 
unauthorized access by evaluating the risks of executing software processes based on capability- 
based policy to prevent unauthorized invocation s of services located on the user's computer in 
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order to protect data from unauthorized use (Grecsek: column 1 line 19 - column 2 line 47 and 
column 3 lines 17 - column 4 line20). Same rationale applies here as above in rejecting claim 1. 

8. As per claim 6, Davis as modified discloses a method as in claim 5. Davis as modified 
further discloses the method including: (a)(1) decrypting the electronic content (Davis: column 2 
lines 16-29). 

9. As per claim 8, Davis as modified discloses a method as in claim 5. Davis as modified 
does not explicitly disclose in which the first identifier comprises a predefined portion of the 
electronic content and in which the second identifier comprises a predefined portion of the piece 
of electronic data. However, Herzberg discloses these limitations (Herzberg: column 1 line 44 - 
column 2 line 35). It would have been obvious to one having ordinary skill in the art at the time 
of applicant's invention to combine the teachings of Herzberg within the combination of Davis- 
Grecsek because it is well known in the art to authenticate whether an object is authorized for 
access by comparing two values. 

10. As per claim 9, Davis as modified discloses a method as in claim 5. Davis as modified 
further discloses in which the system interface comprises a file system interface to one or more 
device drivers (Grecsek: column 3 line 52 - column 4 line 20). 
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11. As per claim 10, Davis as modified discloses a method as in claim 5. Davis discloses re- 
encrypting/modifying the piece of electronic data when the data is stored in the buffer to prevent 
software probing (Davis: column 2 lines 16-29 and column 1 lines 50 - column 2 line 29 and 
column 7 lines 6-28). 

12. As per claim 14, Davis as modified discloses a method as in claim 5. Davis as modified 
further discloses in which the predefined defensive action comprises preventing the transfer of at 
least a portion of the piece of electronic data to an output device via the system interface 
(Grecsek: column 3 line 64 - column 4 line20). 

13. As per claim 16, Davis as modified discloses a method as in claim . Davis as modified 
further discloses in which the at least one system interface is selected using rules associated with 
the electronic content, the rules being operable to identify certain system interfaces to which the 
electronic content is not allowed to be sent (Grecsek: column 3 line 64 - column 4 line20). 

14. As per claim 17, Davis as modified discloses a method as in claim 9. Davis as modified 
further discloses in which the one or more device drivers are selected from the group consisting 
of: video display driver, sound driver, SCSI driver, IDE driver, network driver, video capture 
driver, floppy disk driver, and scanner driver (Grecsek: column 3 line 64 - column 4 line 27). 
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15. Claims 3, 7, 15, 18-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Davis in view of Grecsek and further in view of Herzberg et al. U.S. Pat. No. 5745678 
(hereinafter Herzberg). 

16. As per claim 3, Davis as modified discloses a method as in claim 1 . Davis as modified 
does not explicitly disclose in which evaluating one or more predefined characteristics of 

the one or more software modules includes computing the cryptographic hash of at least one of 
the one or more software modules. However, Herzberg disclose using cryptographic hash value 
to authenticate whether a software program is authorized (Herzberg: column 1 line 44 - column 
2 line 35). It would have been obvious to one having ordinary skill in the art at the time of 
applicant's invention to combine the teachings of Herzberg within the combination of Davis- 
Grecsek because it is well known in the art to authenticate whether an object is authorized for 
access using cryptographic hash. 

17. As per claim 7, Davis as modified discloses a method as in claim 5. Davis as modified 
does not explicitly disclose the first identifier comprises a hash of at least a portion of the 
electronic content, and in which the second identifier comprises a hash of at least a portion of the 
piece, of electronic data. However, Herzberg discloses these limitations (Herzberg: column 1 line 
44 - column 2 line 35). It would have been obvious to one having ordinary skill in the art at the 
time of applicant's invention to combine the teachings of Herzberg within the combination of 
Davis-Grecsek because it is well known in the art to authenticate whether an object is authorized 
for access using cryptographic hash. 
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18. As per claim 15, Davis as modified discloses a method as in claim 5. Davis as modified 
further discloses comparing the identifier to determine whether the software is allowed to be 
executed (Grecsek: column 3 line64 - column 4 line6). Alternatively, Herzberg also discloses 
comparing the first and second identifiers (Herzberg: column 1 line 52 - column 2 line 35). It 
would have been obvious to one having ordinary skill in the art to combine the teachings of 
Herzberg within the combination of Davis-Grecsek because it increases the security of the 
system by authenticating the program to ensure it is authorized program through comparison. 

19. As per claim 18, Davis as modified discloses a method as in claim 5, Davis as modified 
does not explicitly disclose the method comprising: (a)(1) inserting a cryptographic fingerprint 
into the piece of electronic content, the cryptographic fingerprint containing information relating 
to the request to access said piece of electronic content. However, Herzberg discloses that 
limitation (Herzberg: column 1 line 52 - column 3 line 35). Same rationale applies here as above 
in rejecting claim 7. 

20. As per claim 19, Davis as modified discloses a method as in claim 18, Davis as modified 
further discloses in which inserting said cryptographic fingerprint into the piece of electronic 
content includes: (i) authenticating a fingerprinting engine using a cryptographic credential; (ii) 
using the fingerprinting engine to insert the cryptographic fingerprint into the piece of electronic 
content (Herzberg: column 1 line 52 - column 3 line 35). 
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21. As per claim 20, Davis as modified discloses a method as in claim 19. Davis as modified 
further discloses in which the fingerprinting engine is operable to authenticate a calling 
application using a cryptographic credential (Herzberg: column 1 line 52 - column 3 line 35). 

22. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over Davis in view of 
Grecsek and further in view of Ciacelli et al. U.S. Pat. No. 6236727 (hereinafter Ciacelli). 

23. As per claim 11, Davis as modified discloses a method as in claim 10. Davis as modified 
does not explicitly disclose in which modifying at least a portion of the piece of electronic data 
includes scrambling at least a portion of the piece of electronic data. However, Ciacelli discloses 
scrambling portion of electronic data to protect copyright data (Ciacelli: column 2 lines 3-65). It 
would have been obvious to one having ordinary skill in the art at the time of invention to 
combine the teachings of Ciacelli within the combination of Davis-Grecsek because scrambling a 
digital data protects the data from being viewed or used by unauthorized parties. 

24. Claims 12 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over Davis 
in view of Grecsek and further in view of Shimada European Patent No. EP09 15620 (hereinafter 
Shimada). 

25. As per claim 12 and 13, Davis as modified discloses a method as in claim 5. Davis as 
modified does not explicitly disclose the predefined defensive action comprises adding 
noise/electronic watermark to at least a portion of the piece of electronic data. However, 
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Shimada discloses that limitation (Shimada: [001 1]-[0017]). It would have been obvious to one 
having ordinary skill in the art at the time of applicant's invention to combine the teachings of 
Shimada within the combination of Davis-Grecsek because buring noise and digital watermark 
into data prevents unauthorized copy of a recorded data by an recording/reproducing device. 



Conclusion 

26. The prior art made of record and not relied upon is considered pertinent to applicants 
disclosure. 

Hall U.S. Pat. No. 5126728 discloses control the flow of protected data through 
unauthorized computing environment and eliminate sensitive data from passed on (Hall: column 
3 lines 41 -67). 

Horbuckle U.S. Pat. No. 5613089 discloses method for remotely controlling and 
monitoring the use of computer software. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shin-Hon Chen whose telephone number is (703) 305-8654. The 
examiner can normally be reached on Monday through Friday 8:30am to 5:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (703) 305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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